<?
include_once("./_common.php");

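// Only board, group or super administrators may copy or move posts.
// The membership tests are strict (third argument true), so a value of another
// type, such as integer 0, can never compare equal to one of the role names.
// The explicit exit keeps the check fail-closed even if the alert helper returns.
if (!in_array($is_admin, array('board', 'group', 'super'), true))
{
    alert_close("게시판 관리자 이상 접근이 가능합니다.");
    exit;
}

// $sw selects the operation; anything other than "move" or "copy" is rejected.
if (!in_array($sw, array('move', 'copy'), true))
{
    alert("sw 값이 제대로 넘어오지 않았습니다.");
    exit;
}

// The destination board ids arrive in $_POST['chk_bo_table'] and are later
// concatenated into a table name and a directory path. Bound parameters do not
// protect identifiers or paths, so each id is restricted here to letters,
// digits and underscore before any query or file operation runs.
// NOTE(review): widen the pattern only if board ids may legitimately contain
// other characters.
if (!isset($_POST['chk_bo_table']) || !is_array($_POST['chk_bo_table']))
{
    alert("chk_bo_table 값이 제대로 넘어오지 않았습니다.");
    exit;
}
foreach ($_POST['chk_bo_table'] as $chk_bo_table_item)
{
    if (!is_string($chk_bo_table_item) || !preg_match('/^[A-Za-z0-9_]+\z/', $chk_bo_table_item))
    {
        alert("chk_bo_table 값이 제대로 넘어오지 않았습니다.");
        exit;
    }
}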

// Directory holding the attachment files of the source board.
$src_dir = $g4['path'] . "/data/file/" . $bo_table;

// Bookkeeping shared by the copy loop and the move cleanup below:
//   $cnt                 - next free slot in $save (one slot per copied row)
//   $save_count_comment  - comment total later subtracted from the source board
//   $save_count_write    - post total later subtracted from the source board
//   $save                - per-row source ids and file paths to delete on "move"
$cnt = 0;
$save_count_comment = 0;
$save_count_write = 0;
$save = array();

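// SQL injection hardening for the id list.
// $wr_id_list is a comma-separated list of post ids. It must never be pasted
// into the statement text: every id is cast to an integer and bound through its
// own "?" placeholder, so the number of placeholders always matches $params.
$params = array();
foreach (explode(",", trim($wr_id_list)) as $wr_id_item)
    $params[] = (int) trim($wr_id_item);

// explode() always yields at least one element, so the IN list is never empty.
$placeholders = implode(", ", array_fill(0, count($params), "?"));

// NOTE(review): $write_table is still interpolated as an identifier; it is not
// assigned in this file, so confirm it cannot be influenced by the request.
$sql = " select distinct wr_num from $write_table where wr_id in ($placeholders) order by wr_id ";
$rows = sql_prepare_fetch_rows($sql, $params);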
// Main copy loop: for every selected thread number (wr_num), copy all of its
// rows (the post and its comments) plus the post's attachment files and file
// records into each destination board listed in $_POST['chk_bo_table'].
// On "move", scrap and latest-post records are re-pointed to the new rows and
// the source ids / file paths are remembered in $save for later deletion.
// Each for-loop over a result set ends when the indexed element is missing or falsy.
for ($ri = 0 ; $row = $rows[$ri] ; $ri++) 
{
    $wr_num = $row[wr_num];
    for ($i=0; $i<count($_POST['chk_bo_table']); $i++) 
    {
        // NOTE(review): $move_bo_table is taken straight from the request and is
        // concatenated into a table name and a directory path below. Bound
        // parameters cannot protect an identifier or a path, so this value has
        // to be limited to a plain board id before it reaches this point.
        $move_bo_table = $_POST['chk_bo_table'][$i];
        $move_write_table = $g4['write_prefix'] . $move_bo_table;

        $src_dir = "$g4[path]/data/file/$bo_table"; // source directory
        $dst_dir = "$g4[path]/data/file/$move_bo_table"; // destination (copy) directory

        // Per-destination counters, added to the destination board after its rows are copied.
        $count_write = 0;
        $count_comment = 0;

        $next_wr_num = get_next_num($move_write_table);

        // All rows of this thread; wr_num is bound as a parameter.
        $sql2 = " select * from $write_table where wr_num = ? order by wr_parent, wr_comment desc, wr_id ";
        $rows2 = sql_prepare_fetch_rows($sql2, array($wr_num));
		for ($r2=0 ; $row2 = $rows2[$r2] ; $r2++) 
        {
            // Append a copy/move log line to the body of posts (not comments) when cf_use_copy_log is set.
            $nick = cut_str($member[mb_nick], $config[cf_cut_name]);
            if (!$row2[wr_is_comment] && $config[cf_use_copy_log]) 
                $row2[wr_content] .= " \n[이 게시물은 {$nick}님에 의해 $g4[time_ymdhis] {$board[bo_subject]}에서 " . ($sw == 'copy' ? '복사' : '이동') ." 됨]";
			
			// "+= 0" converts these columns to numbers before they are bound.
			$row2[wr_is_comment]+=0;
            $row2[wr_comment]+=0;
            $row2[wr_link1_hit]+=0; 
            $row2[wr_link2_hit]+=0;
            $row2[wr_hit]+=0; 
            $row2[wr_good]+=0; 
            $row2[wr_nogood]+=0;
            $row2[wr_id]+=0;
            $row2[wr_parent]+=0;
            
            // Insert the row into the destination table: 35 columns, 35 placeholders, 35 bound values.
            $sql = " insert into $move_write_table (" .
					"wr_num, wr_reply, wr_is_comment, wr_comment, wr_comment_reply, 
					ca_name, wr_option, wr_subject, wr_content,       
					wr_link1, wr_link2, wr_link1_hit, wr_link2_hit,     
					wr_trackback, wr_hit, wr_good, wr_nogood,        
					mb_id, wr_password, wr_name, wr_email, wr_homepage,      
					wr_datetime, wr_last, wr_ip,            
					wr_1, wr_2, wr_3, wr_4, wr_5, wr_6, wr_7, wr_8, wr_9, wr_10 )" . 
					" values (".
					"?, ?, ?, ?, ?, ".            
					"?, ?, ?,  
					?, ?, ?,    
					?, ?, 
					?, ?, ?, ?,
					?, ?, ?, ?, ?,               
					?, ?, ?,
					?, ?, ?, ?, ?,   
					?, ?, ?, ?, ?) ";     
            // NOTE(review): the text columns are passed through addslashes() and then
            // bound. If sql_prepare_execute performs real parameter binding, the added
            // backslashes are stored literally and accumulate with every copy; confirm
            // the helper's behaviour and drop addslashes() if it binds.
            sql_prepare_execute($sql, 
            	array($next_wr_num, "$row2[wr_reply]", $row2[wr_is_comment], $row2[wr_comment], "$row2[wr_comment_reply]",
            		addslashes($row2[ca_name]), "$row2[wr_option]", addslashes($row2[wr_subject]),
            		addslashes($row2[wr_content]), addslashes($row2[wr_link1]), addslashes($row2[wr_link2]),
            		$row2[wr_link1_hit], $row2[wr_link2_hit],
            		addslashes($row2[wr_trackback]), $row2[wr_hit], $row2[wr_good], $row2[wr_nogood],
            		"$row2[mb_id]", "$row2[wr_password]", addslashes($row2[wr_name]), addslashes($row2[wr_email]), addslashes($row2[wr_homepage]),
            		"$row2[wr_datetime]", "$row2[wr_last]", "$row2[wr_ip]",
            		addslashes($row2[wr_1]),
            		addslashes($row2[wr_2]),
            		addslashes($row2[wr_3]),
            		addslashes($row2[wr_4]),
            		addslashes($row2[wr_5]),
            		addslashes($row2[wr_6]),
            		addslashes($row2[wr_7]),
            		addslashes($row2[wr_8]),
            		addslashes($row2[wr_9]),
            		addslashes($row2[wr_10]),
            		), 1, 1);

			// The id of the new row is read back from the serial's current value.
			// NOTE(review): this is a separate query after the insert; if another
			// request inserts into the same table in between, current_val may belong
			// to that other row. Confirm how the helper scopes this read.
			$r = sql_prepare_fetch("select current_val from db_serial where name = ? ",
					array("{$move_write_table}_ai_wr_id"));
			$insert_id = $r["current_val"];

            // if this row is a post, not a comment
            if (!$row2[wr_is_comment]) 
            {
                // Comment rows handled in later iterations reuse this as their parent id.
                $save_parent = $insert_id;

                // Attachment records of the source post.
                $sql3 = " select * from $g4[board_file_table] where bo_table = ? and wr_id = ? order by bf_no ";
                $rows3 = sql_prepare_fetch_rows($sql3, array("$bo_table", $row2[wr_id]));
				for ($k=0 ; $row3 = $rows3[$k] ; $k++) 
                {
                    if ($row3[bf_file]) 
                    {
                        // copy the original file and change its permissions
                        // NOTE(review): errors are suppressed with "@", so a failed copy
                        // goes unnoticed; on "move" the source file is still queued for
                        // deletion below. Mode 0606 also grants read and write to "other".
                        @copy("$src_dir/$row3[bf_file]", "$dst_dir/$row3[bf_file]");
                        @chmod("$dst_dir/$row3[bf_file]", 0606);
                    }
                    $row3[bf_no]+=0;
                    $row3[bf_filesize]+=0; 
                    $row3[bf_width]+=0;
                    $row3[bf_height]+=0; 
                    $row3[bf_type]+=0;

                    // File record for the new post in the destination board.
                    $sql = " insert into $g4[board_file_table] (" .
							"bo_table, wr_id, bf_no, bf_source, bf_file, " .
							"bf_download, bf_content, bf_filesize, bf_width, bf_height, " .
							"bf_type, bf_datetime)" .
							"values (" .
							"?, ?, ?, ?, ?," .
							"?, ?, ?, ?, ?, " .
							"?, ?)";
                    sql_prepare_execute($sql,
                    	array("$move_bo_table", $insert_id, $row3[bf_no], "$row3[bf_source]", "$row3[bf_file]",
                    		$row3[bf_download], addslashes($row3[bf_content]), $row3[bf_filesize], $row3[bf_width], $row3[bf_height],
                    		$row3[bf_type], "$row3[bf_datetime]"),
                    	1, 1);

                    // Remember the source path for deletion after a move. The key is the
                    // result index $k, so entries are sparse when a record has no file.
                    if ($sw == "move" && $row3[bf_file])
                        $save[$cnt][bf_file][$k] = "$src_dir/$row3[bf_file]";
                        
                }

                $count_write++;

                // Scrap and latest-post records are re-pointed only for the first destination board.
                if ($sw == "move" && $i == 0) 
                {
                    // move scraps
                    sql_prepare_execute(
						" update $g4[scrap_table] set bo_table = ?, wr_id = ? where bo_table = ? and wr_id = ? ",
						array("$move_bo_table", $save_parent, "$bo_table", $row2[wr_id]), 1, 1);

                    // move latest-post entries
                    sql_prepare_execute(
						" update $g4[board_new_table] set bo_table = ?, wr_id = ?, wr_parent = ? where bo_table = ? and wr_id = ? ",
						array("$move_bo_table", $save_parent, $save_parent, "$bo_table", $row2[wr_id]), 1, 1);
                }
            } 
            else 
            {
                $count_comment++;

                if ($sw == "move")
                {
                    // move latest-post entries
                    sql_prepare_execute(
						" update $g4[board_new_table] set bo_table = ?, wr_id = ?, wr_parent = ? where bo_table = ? and wr_id = ? ",
						array("$move_bo_table", $insert_id, $save_parent, "$bo_table", $row2[wr_id]), 1, 1);
                }
            }
            
            // Point the new row at its parent post in the destination table.
            sql_prepare_execute(
				" update $move_write_table set wr_parent = ? where wr_id = ? ", 
				array($save_parent, $insert_id), 1, 1);
				
            // On "move", remember the source parent id so its rows can be deleted afterwards.
            if ($sw == "move")
                $save[$cnt][wr_id] = $row2[wr_parent];
            $cnt++;
        }
        	
        
        // Add the copied rows to the destination board's post and comment counters.
        sql_prepare_execute(
			" update $g4[board_table] set bo_count_write = bo_count_write + ? where bo_table = ? ",
			array($count_write, "$move_bo_table"), 1, 1);
        sql_prepare_execute(
			" update $g4[board_table] set bo_count_comment = bo_count_comment + ? where bo_table = ? ",
			array($count_comment,  "$move_bo_table"), 1, 1);
    }

    // Totals for the source board; these use the counters of the last destination board processed.
    $save_count_write += $count_write;
    $save_count_comment += $count_comment;
}
	

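// Source-side cleanup after a move: delete the original attachment files and
// rows, then lower the source board's post and comment counters.
if ($sw == "move") 
{
    foreach ($save as $saved) 
    {
        // Entries for comments, or for posts without attachments, carry no file
        // list. The list is also keyed by result index and can be sparse, so it
        // is walked by value; an index loop bounded by count() would skip paths
        // and leave moved attachments behind in the source directory.
        $saved_files = (isset($saved['bf_file']) && is_array($saved['bf_file'])) ? $saved['bf_file'] : array();
        foreach ($saved_files as $saved_file)
            @unlink($saved_file); // best effort: the same path can be queued more than once

        // Remove the source rows and their latest-post and file records.
        sql_prepare_execute(
            " delete from $write_table where wr_parent = ? ",
            array($saved['wr_id']), 1, 1);
        sql_prepare_execute(
            " delete from $g4[board_new_table] where bo_table = ? and wr_id = ? ",
            array("$bo_table", $saved['wr_id']), 1, 1);
        sql_prepare_execute(
            " delete from $g4[board_file_table] where bo_table = ? and wr_id = ? ",
            array("$bo_table", $saved['wr_id']), 1, 1);
    }

    // Subtract the moved posts and comments from the source board's counters.
    sql_prepare_execute(
        " update $g4[board_table] set bo_count_write = bo_count_write - ?, bo_count_comment = bo_count_comment - ? where bo_table = ? ",
        array($save_count_write, $save_count_comment, "$bo_table"), 1, 1);
}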

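// Result page: show a confirmation in the popup, reload the opener window on
// the source board, then close the popup.
$msg = "해당 게시물을 선택한 게시판으로 $act 하였습니다.";
$opener_href = "./board.php?bo_table=$bo_table&page=$page&$qstr";

// Both strings are written inside double-quoted JavaScript literals in a
// <script> element. $act, $page, $qstr and $bo_table are not assigned in this
// file, so they are escaped for that context: quotes and backslashes cannot end
// the literal, line breaks cannot split it, and "<", ">" and "/" cannot form a
// closing script tag. Benign values read back unchanged in the browser.
// NOTE(review): this escaping is byte-wise; it is safe for UTF-8 and EUC-KR but
// should be re-checked if $g4['charset'] can be an encoding whose trail bytes
// overlap ASCII punctuation.
$js_escape_chars = "\\\"'\r\n<>/";
$msg_js = addcslashes($msg, $js_escape_chars);
$opener_href_js = addcslashes($opener_href, $js_escape_chars);

echo <<<HEREDOC
<meta http-equiv='content-type' content='text/html; charset={$g4['charset']}'> 
<script language="javascript">
alert("{$msg_js}");
opener.document.location.href = "{$opener_href_js}";
window.close();
</script>
HEREDOC;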
?>
